Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/me63HqABuF_L1gzDMNr4tD0-_x0.roa
File: me63HqABuF_L1gzDMNr4tD0-_x0.roa (raw, json)
Hash identifier: zJlhh8xazmxl8Kg3zago+tK2p8hR++8qWZuYG9yUgm8=
Subject key identifier: 99:EE:B7:1E:A0:01:B8:5F:CB:D6:0C:C3:30:DA:F8:B4:3D:3E:FF:1D
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 03F7B039
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/me63HqABuF_L1gzDMNr4tD0-_x0.roa
Signing time: Tue 26 Apr 2022 09:51:59 +0000
ROA not before: Tue 26 Apr 2022 09:51:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3339
IP address blocks: 185.209.120.0/22 maxlen: 22
185.255.104.0/22 maxlen: 22
192.145.40.0/22 maxlen: 22
185.177.168.0/22 maxlen: 22
185.233.76.0/22 maxlen: 22
185.73.188.0/22 maxlen: 22
185.72.12.0/24 maxlen: 24
185.72.12.0/22 maxlen: 22
185.95.56.0/22 maxlen: 22
91.200.244.0/22 maxlen: 22
176.97.224.0/22 maxlen: 22
2a0a:4280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66564153 (0x3f7b039)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Apr 26 09:51:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99eeb71ea001b85fcbd60cc330daf8b43d3eff1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:85:08:91:f9:49:a8:c7:7e:0c:fa:06:d7:
2f:47:2e:95:a6:aa:b7:d4:d7:fa:0b:b0:0e:5e:16:
86:c0:a9:5c:88:f6:2b:f7:1b:5d:ee:d6:17:6e:bf:
2d:d1:c5:2f:87:fc:6a:55:d1:eb:89:d1:d3:62:bc:
8f:55:2c:3f:46:71:94:a7:73:6f:bd:eb:2c:c0:71:
a1:68:4c:13:f2:4d:2f:d5:18:44:d1:a2:86:fd:46:
7d:9b:e5:69:c6:2c:61:43:b3:6a:94:f3:46:54:ef:
3b:c5:9b:9b:5c:2b:21:b8:4b:d6:de:eb:b8:48:ad:
6a:7d:59:4d:37:8a:05:31:89:44:c4:54:c1:10:e0:
90:5b:42:56:4d:e7:9b:e2:b7:9f:2d:63:11:0e:22:
ac:25:f1:29:56:ed:ad:89:18:5c:51:d6:cd:81:45:
04:50:05:b5:62:6a:6a:0b:34:be:d4:dc:77:1b:7e:
3e:cb:38:52:b8:aa:c7:3c:a2:5a:00:ff:53:a7:44:
cf:e9:bb:6b:47:34:e5:67:1e:46:b5:bb:57:df:d6:
86:c8:7f:e5:0a:07:2b:54:1e:cd:1d:c6:20:07:a6:
c9:7e:03:78:51:73:c0:a0:30:89:df:67:fb:a5:64:
a0:e0:9f:71:eb:4f:f8:13:8e:0f:80:dd:ac:d0:f0:
65:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EE:B7:1E:A0:01:B8:5F:CB:D6:0C:C3:30:DA:F8:B4:3D:3E:FF:1D
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/me63HqABuF_L1gzDMNr4tD0-_x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.244.0/22
176.97.224.0/22
185.72.12.0/22
185.73.188.0/22
185.95.56.0/22
185.177.168.0/22
185.209.120.0/22
185.233.76.0/22
185.255.104.0/22
192.145.40.0/22
IPv6:
2a0a:4280::/29
Signature Algorithm: sha256WithRSAEncryption
c2:41:0d:35:cf:35:7c:51:ad:11:99:5d:79:6b:04:57:08:70:
93:11:82:87:25:de:88:24:06:31:97:3e:78:23:f8:de:e2:c2:
a0:ac:1e:81:07:38:40:91:b9:2c:17:51:33:1e:31:68:db:84:
1f:5f:f2:b0:15:91:0d:28:4e:b8:2a:d8:d2:30:10:2f:1a:61:
c6:65:51:6b:4f:70:ea:8b:84:cf:39:a3:70:18:7e:03:91:52:
ff:9b:28:56:78:90:e5:d2:d5:5c:68:3d:65:bd:cf:e2:79:03:
a5:7e:72:66:fd:3f:13:0a:7f:28:60:36:8f:4e:6d:70:92:67:
7d:a9:30:5e:32:57:73:e2:be:44:b3:39:77:23:68:8e:5f:c3:
d9:3b:4e:5f:20:8c:49:fc:0b:10:ec:0e:5f:c5:25:13:83:b0:
b1:c2:ca:63:3e:f9:e9:61:8a:41:cf:46:c9:67:10:ad:d1:22:
0a:31:89:51:e1:46:06:74:d4:19:50:6b:2a:4a:3a:a1:e5:a3:
37:a9:b6:f8:93:5e:25:17:57:9f:a8:8c:79:ce:0d:67:38:95:
85:8d:f1:12:01:9c:2b:dd:87:90:0b:d8:31:bf:86:51:4d:a5:
36:80:0f:29:07:b4:09:70:fa:e7:a3:84:19:94:3e:7d:4e:76:
89:22:a5:01
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEA/ewOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDk0YTQyNTU5NWU5MjNjNGI1M2I5YzAwMGFhOGYxOWFkOTIzZjIwMB4XDTIyMDQy
NjA5NTE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTllZWI3MWVhMDAx
Yjg1ZmNiZDYwY2MzMzBkYWY4YjQzZDNlZmYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJdhQiR+Umox34M+gbXL0culaaqt9TX+guwDl4WhsCpXIj2
K/cbXe7WF26/LdHFL4f8alXR64nR02K8j1UsP0ZxlKdzb73rLMBxoWhME/JNL9UY
RNGihv1GfZvlacYsYUOzapTzRlTvO8Wbm1wrIbhL1t7ruEitan1ZTTeKBTGJRMRU
wRDgkFtCVk3nm+K3ny1jEQ4irCXxKVbtrYkYXFHWzYFFBFAFtWJqags0vtTcdxt+
Pss4UriqxzyiWgD/U6dEz+m7a0c05WceRrW7V9/Whsh/5QoHK1QezR3GIAemyX4D
eFFzwKAwid9n+6VkoOCfcetP+BOOD4DdrNDwZTkCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBSZ7rceoAG4X8vWDMMw2vi0PT7/HTAfBgNVHSMEGDAWgBRwlKQlWV6SPEtT
ucAAqo8ZrZI/IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NKU2tKVmxla2p4TFU3bkFBS3FQR2EyU1B5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8x
L21lNjNIcUFCdUZfTDFnekRNTnI0dEQwLV94MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8xL2NKU2tKVmxla2p4
TFU3bkFBS3FQR2EyU1B5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAlvI9AMEArBh4AMEArlIDAMEArlJ
vAMEArlfOAMEArmxqAMEArnReAMEArnpTAMEArn/aAMEAsCRKDANBAIAAjAHAwUD
KgpCgDANBgkqhkiG9w0BAQsFAAOCAQEAwkENNc81fFGtEZldeWsEVwhwkxGChyXe
iCQGMZc+eCP43uLCoKwegQc4QJG5LBdRMx4xaNuEH1/ysBWRDShOuCrY0jAQLxph
xmVRa09w6ouEzzmjcBh+A5FS/5soVniQ5dLVXGg9Zb3P4nkDpX5yZv0/Ewp/KGA2
j05tcJJnfakwXjJXc+K+RLM5dyNojl/D2TtOXyCMSfwLEOwOX8UlE4OwscLKYz75
6WGKQc9GyWcQrdEiCjGJUeFGBnTUGVBrKko6oeWjN6m2+JNeJRdXn6iMec4NZziV
hY3xEgGcK92HkAvYMb+GUU2lNoAPKQe0CXD656OEGZQ+fU52iSKlAQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:10:29 2025 by rpki-client